Explicitly set key and keyserver for docker apt repository #217
Conversation
sethrosenblum
force-pushed
the
apt_key_server
branch
from
e7f953f
to
f0e1654
Compare
|
I have to admit my ignorance on the matter. What is the likelihood that the repo_key will change? |
|
It's pretty low - likely only if it's "compromised". They don't have an expiry on the key either. If you look at Docker's own Ubuntu setup script here: http://get.docker.com/ubuntu/ You'll see that they actually install the key from the keyserver - not the URL: This change makes the cookbook more resilient and faster - it no longer has to check the key on every chef run. +1 |
|
Awesome. I agree that the change is an improvement I just wanted to make sure that the cookbook wasn't likely to break without warning or we were going to have to update the cookbook super frequently. This looks good to merge. I'm going to release this as a patch release so I'll do that soon. |
|
Can I make one request - can you document inline how you acquire that repo_key value? |
…ocker.io on every chef run.
sethrosenblum
force-pushed
the
apt_key_server
branch
from
f0e1654
to
1976289
Compare
|
👍 |
|
Closed - merged into the 0.35-stable branch. Will be released in the next 0.35 patch release. |
Currently we make a request to get.docker.io on every chef run, whether or not we already have the apt key installed. This should fix #215 .